Android App FaceNiff Hijack Facebook Via WiFi Easily,Be Careful

Are you always use your Android Phone browsing Facebook,Twitter or YouTube ? Now you need to be more careful as your android phone in WiFi connection browsing these social networking service caused someone developed a Android app called ‘FaceNiffthat able hijacking a person’s current user session over an open Wi-Fi connection and control all these social networking service.

I still remember a Firefox add-on ‘Firesheep‘ having similar function as Faceniff,basically a packet sniffer that can analyze all the unencrypted Web traffic on an open Wi-Fi connection between a Wi-Fi router and the personal computers on the same network. The extension waits for someone to log in to any of the 26 sites listed in Firesheep’s database. When you log in to Amazon, for example, your browser’s Amazon-specific cookie communicates with the site and contains personally identifying information such as your user name and an Amazon session number ID.

What i worry is Android app FaceNiff more powerful than Firesheep,except can see all her/his friends, read her/his private messages and even issue a status update that went to all her friends in Facebook after hijacking a person Facebook’s account,it’s also able to hijack sessions in WEP,WPA or WPA2 encryption WiFi connection.Luckily Faceniff unable to hijacking a hijacking a person’s current user session with SSL web connection.


How To Prevent As Using Public WiFi

1.Use HTTPS Connection as browsing all these social can activate HTTPS connection  in setting option.

2.Use VPN connection such as hotspot Shield.Basically creates a secure tunnel for your data that runs between the Wi-Fi router and your computer.This means FaceNiff will not be able to steal any data passing between your computer and the router since all communications will be encrypted.

Below is a video how Faceniff works.

Be careful and alert using Public WiFi.

Latest Comments
  1. anonyTake June 13, 2011
  2. Otakore Literantadodist July 17, 2011